package serv;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet implementation class UpdatePwd
 */
@WebServlet(description = "修改密码", urlPatterns = { "/UpdatePwd" })
public class UpdatePwd extends HttpServlet {
	private static final long serialVersionUID = 1L;
	String UserId=null;
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public UpdatePwd() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		request.setCharacterEncoding("GBK");
		response.setContentType("text/html");
		response.setCharacterEncoding("GBK");
		
		PrintWriter out = response.getWriter();
		
		HttpSession session = request.getSession(true);
		if(session.getAttribute("user_name")==null){
			ReMsg(out,"无法获取用户",1);
			return;
		}
		UserId = (String) session.getAttribute("user_name");
		String usr_id = request.getParameter("usr_id");
		if(usr_id!=null){
			//重置密码
			GwkOrgan mo = (GwkOrgan) session.getAttribute("logonOrgan");
			try {
				reset_pwd(out,usr_id,mo);
			} catch (Exception e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
				ReMsg(out,"重置密码失败",2);
			}
			return;
		}
		String newpwd1 = request.getParameter("newpwd1");
		String newpwd2 = request.getParameter("newpwd2");

		if(!newpwd1.equals(newpwd2)){
			ReMsg(out,"新密码不匹配",0);
			return;
		}
		
		try {
			GwkDB gwkdb = new GwkDB();

			if(UserId.equalsIgnoreCase("manager")){
				String pwd = GwkDB.encryptMD5(newpwd1);
				gwkdb.SetPrivateProfileString("manager_pwd", pwd);
				ReMsg(out,"修改密码成功",1);
				session.invalidate();
				return;
			}
			String mysql = "update GX_CORP_USR ";
			mysql += "set USR_PWD=\'" + GwkDB.encryptMD5(newpwd1) + "\',";
			mysql += "UPD_DATE=sysdate ";
			mysql += "where USR_ID=\'" + UserId	+ "\'";
			int ret = gwkdb.update(mysql);
			if(ret<0){
				ReMsg(out,"修改密码失败",0);
				return;
			}else if(ret==0){
				ReMsg(out,"修改密码失败,用户不存在",0);
				return;
			}
			//System.out.println("sql:" + mysql);
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		ReMsg(out,"修改密码成功",1);
		session.invalidate();
	}
	
	/**   
	 * 此方法描述的是： 
	 * @author: 朱凯锋   
	 * @version: 2013年11月20日 下午3:49:43   
	 * @throws Exception 
	 */
	private void reset_pwd(PrintWriter out,String usr_id,GwkOrgan mo) throws Exception {
		// TODO Auto-generated method stub
		//判断该柜员是否属该所属机构
		GwkOrgan uo = new GwkOrgan();
		boolean match=false;
		if(!UserId.equalsIgnoreCase("manager")){
			if(uo.GetMyOrgan(usr_id)<0){
				ReMsg(out,"重置密码失败,用户不存在",2);
				return;
			}
			for(int i=0;i<mo.m_organ.size();i++){
				if(uo.getM_BANK_ORGAN_ID().compareTo(mo.m_organ.get(i).get(0).toString())==0){
					match = true;
					break;
				}
			}
			if(match){
				//判断机构级别
				int iUserId = Integer.parseInt(mo.getBank_organ_level());
				int iusr_id = Integer.parseInt(uo.getBank_organ_level());
				if(iusr_id==iUserId){
					ReMsg(out,"重置密码失败,柜员与用户同一级别",2);
					return;
				}
			}
		}else{
			//manager match
			match = true;
		}
		if(!match){
			ReMsg(out,"该柜员不是用户管辖",2);
			return;
		}
		GwkDB gwkdb = new GwkDB();

		String mysql = "update GX_CORP_USR ";
		mysql += "set USR_PWD=\'" + GwkDB.encryptMD5("999999") + "\',";
		mysql += "UPD_DATE=sysdate,upd_user='" + UserId + "' ";
		mysql += "where USR_ID=\'" + usr_id	+ "\'";
		int ret = gwkdb.update(mysql);
		if(ret<0){
			ReMsg(out,"重置密码失败",2);
			return;
		}else if(ret==0){
			ReMsg(out,"重置密码失败,用户不存在",2);
			return;
		}
		ReMsg(out,"修改密码成功",2);
	}

	/**   
	 * 此方法描述的是： 
	 * @author: 朱凯锋   
	 * @version: 2013年8月22日 上午11:20:26   
	 * @param:flag 0,error;1,succes,logon again
	 */
	void ReMsg(PrintWriter out,String oStr,int flag){
		if(flag==0){
			out.print("<script language='javascript'>alert('" + oStr +"');");
			out.print("window.location.href='Manager/UpdatePwd.html';</script>");
		}else if(flag==1){
			out.print("<script language='javascript'>alert('" + oStr +"\\n请重新登陆');");
			out.print("window.location.href='index.html';</script>");
		}else{
			out.print("<script language='javascript'>alert('" + oStr +"');");
			out.print("window.location.href='Manager/ResetPwd.html';</script>");
		}
		//out.println(oStr + "<br> ");
		//out.println("<a href='Manager/UpdatePwd.html'>请重新操作</a>");
		return;
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		doGet(request,response);
	}

}
